Tag Archives: hacking

New Vulnerabilities in the Connected World

Many exciting TV shows and movies include hacking as standard fare – overriding security systems, changing traffic lights, causing explosions, even committing untraceable murders. Hacking makes for interesting entertainment. The frightening part? It’s all possible.

The digital connections in our world are multiplying faster than we realize. It is difficult to even think of anything that cannot be connected. Connected cars and connected homes are advancing by leaps and bounds. Livestock such as cattle and sheep are tracked electronically, and your dog or cat may have an embedded chip. Even bees are being outfitted with tiny RFID backpacks. Roads, buildings and transportation systems are beaming real-time information to servers in the cloud. The rapid rise of wearables, hearables, implantables and personal medical devices means that an increasingly large number of people are connected.

The increasingly connected world provides terrific opportunities to improve life on earth. But with opportunity often comes threat – in this case the threat of hacking. And the facts are scarier than the fiction.

The word “hacking” conjures up images of millions of credit cards being stolen from banks or retailers, or perhaps the stealing of corporate secrets or even cyber-espionage between countries. Insurers have been at the forefront of this battle, designing cyber risk coverages and policies to help individuals or businesses address the financial exposure of hacking. But the connected world increases the hacking potential in incalculable ways. Here are just a few examples of other existing vulnerabilities:

  • Connected Cars: Wired magazine hired two hackers to demonstrate how a Jeep Cherokee could be hacked. The hackers showed that they could take over simple tasks like locking or unlocking doors, and could also take over the steering wheel and drive the car over an embankment.
  • Toys: The new Hello Barbie Doll is connected to the Internet and can be hacked to listen in to the conversations in your home.
  • Laptops and Smart TVs: Bad guys can remotely take over the camera and audio for these devices to spy on the laptop user or anyone viewing a Smart TV.
  • Medical Devices: Insulin pumps and other medical devices can be hacked to alter their treatment. For example, the insulin dosage can be changed, resulting in insulin shock and even death.
  • Wearables: Connected watches, shoes and health monitoring devices are notoriously exposed, especially because they often collect very private, personal information.

Fortunately many of these incidents were the work of white hat hackers hired to expose weaknesses. Unfortunately, most of the exposures still exist, and every new chip, sensor and connected device becomes a target. There are several key implications for insurers and individuals:

  • Cyber risk insurance must greatly expand. The industry has done a yeoman’s job thus far in helping to address financial exposures. But now, whole new classes of cyber threats must be evaluated and addressed.
  • Loss control must increasingly consider cyber safety. Individuals and businesses need advice on how to protect their valuable digital information, related to both traditional and new sources.
  • Insurers must consider their own growing cyber vulnerabilities. As companies employ drones, IoT devices and wearables for employees, they must understand and address the potential exposures from theft of the related information.
  • The industry must actively participate in cyber initiatives. New technology defenses, law enforcement approaches and regulation will all play a role in thwarting hackers. Insurers should provide expertise, investment and support to advance important initiatives.

It’s an exciting time to be alive. And it’s an exciting time to be in the insurance industry. Technology, with all of its benefits, is advancing fast – but faster than we can regulate and manage it.

New risks and threats from connected devices definitely exist. But connected devices also provide great opportunities for the insurance industry to play to its strength – protecting valuable assets, promoting safety and providing peace of mind to individuals and businesses alike.

Why Credit Monitoring Isn’t Enough

Having credit monitoring instead of identity monitoring is like putting a security system in the elevator but not in the whole office building. The scope of security is limited and leaves the workforce vulnerable. Thus, understanding how monitoring programs differ, how they work and why it matters is critical for safeguarding your identity.

Why should you care?

Victims of identity theft deal with increased stress, hours of work rebuilding their reputation and recovering from major financial losses; all of which have major consequences in other areas of life – like decreased productivity and performance on the job.

Given the statistics, if you haven’t dealt with the crime in some capacity, it’s only a matter of time.

The good news is that arming yourself with credit monitoring and identity monitoring gives you a better chance of stopping identity theft before it gets out of hand, thereby diminishing the negative effects that follow.

What is credit monitoring? How does it work?

There’s a broad range of credit monitoring services available in today’s market, and each program varies. Credit monitoring is a reactive approach to identity theft that involves checking credit reports for fraudulent activity. Because a credit report shows past activity, it will only reveal fraud or theft that has already affected the victim. That’s why it’s like only having security in the elevator: Once you realize the culprit is there, he has already infiltrated the building.

Credit monitoring programs will pull a member’s report, often quarterly or annually, from any number of the three major credit bureaus and make it visible to the member. On top of that, programs watch credit reports, transactions and activity for changes that could be criminal.

Another aspect of credit monitoring is resolution and recovery assistance, but, again, the levels of assistance vary from product to product. For instance, credit monitoring services will alert a member if they find fraudulent activity on the credit report(s), but some services don’t inform the credit bureaus on behalf of the member.

What is identity monitoring? How does it work?

Identity monitoring takes a more active approach. It not only focuses on credit reports but broadens the security sweep to account for name, birth date, address, email, driver’s license, Social Security number and more. Think of it as a security system for the whole office building, with security officers at every door and window.

Top-notch identity monitoring programs will check national databases for suspicious activity, watch out for questionable transactions and ultimately try to keep the member informed with real-time alerts about a data breach or fraudulent act. Touch points could even include scanning criminal record databases, sex offender registries and public records.

Identity monitoring can also give people peace of mind about their biggest worries: More than 70% of consumers are concerned about their Social Security number, credit card, insurance and driver’s license number, while less than 60% are concerned about their credit score and transaction history. People want more protection than what’s offered by credit monitoring alone, and identity monitoring is the answer.

What is the difference?

One major difference between identity monitoring and credit monitoring is accuracy. The all-inclusive nature of identity monitoring allows for a more accurate assessment of susceptibility to identity theft. For example, credit monitoring may not detect problems like tax fraud or medical identity theft because credit reports don’t necessarily show those types of information. Because identity monitoring is more robust, it can discover anomalies and provide protection for more than the financial aspects covered by credit monitoring.

Simply put, identity monitoring provides more coverage than credit monitoring.

For more information, visit clcidprotect.com.

The Cost of Fraud in the Workplace

Identity theft in the workplace and the expensive consequences are affecting more and more companies each year. One in three businesses were affected by data breaches last year, and the number of identity theft victims continues to grow. As the threat increases, it’s important to understand how identity theft happens, how it affects a company and its employees and what an employer can do to help.

How does identity theft happen?

Or better yet, how do thieves get information? Common ways include the following:

  • A dishonest employer/employee stealing information from coworkers (97% of cases, reported by companies that were fraud victims and uncovered the responsible party, were inside jobs.)
  • Hacking company databases or installing malware
  • Phishing – sending fake emails or setting up unsolicited websites/pop-up windows to get information from unsuspecting victims
  • Phone scams (40% of fraud complaints noted that the fraudsters contacted them via phone.)
  • Going through the mail or trash

There are plenty of ways that a thief uses newfound treasures. A few examples are…

  • Filing fraudulent tax returns to get the victims’ refunds
  • Bypassing security questions to access bank accounts, etc.
  • Getting healthcare through a victim’s insurance
  • Opening lines of credit, obtaining loans, leases, etc.
  • Selling the information to other thieves

How does identity theft affect the employee?

Employees who become victims of identity theft must deal with all kinds of consequences. They’ve lost their sense of safety and privacy and probably have significant financial losses. It all adds up to major stress and lots of work, which means employees are going to be heavily distracted at their jobs.

Identity theft also brings major financial setbacks. Millions of victims are suffering from the billions of dollars lost to identity theft over the last couple years, and it doesn’t help that one in four workers already deal with major financial distress on a daily basis, whether they’re a victim or not.

How does identity theft affect the employer?

Identity theft hits every kind of business, robbing companies of their private information, revealing their private information and decreasing their levels of productivity.

Fraud repercussions decrease employee productivity and eat away at company revenue. Unfortunately, every industry is vulnerable.

How can the employer help?

A good way for employers to keep their companies safe from the consequences of identity theft is to incorporate an identity theft prevention and recovery service into the employees’ benefits program. Features could include continual monitoring, assistance for addressing suspicious activity and resources that help with resolution.

Identity theft protection plans with 24/7 monitoring of credit activity and personal information will help reveal fraudulent activity before it causes significant damage. Likewise, a product that provides assistance and resources for the recovery process can help alleviate some of the stress that victimized employees feel, because they have professional guidance and support for tackling all of the necessary tasks.

All employers have a reason to consider what kind of protection and coverage is currently available for their employees. More and more companies are affected each year, and the health and financial costs should be enough to push employers toward getting a solution.

How Good Is Your Cybersecurity?

The country was rocked recently when three major enterprises, including the New York Stock Exchange, encountered cyber “glitches” that were serious enough to take them off line, leading to speculation that perhaps there was something more sinister at play. While contemplating the situation in real time, many enterprises undoubtedly engaged in a quick self-assessment of their own cybersecurity defenses and readiness and heaved a sigh of relief when the disruptions were reported to be resolved, unrelated and not caused by malicious outsiders.

But what if it had been different? How well would your company fare in the face of an attempted or successful cyber attack?

Recent events should serve as a wake-up call for all enterprises to shore up their defenses and formulate their game plan in the event of a cybersecurity incident.

Here are four key factors to consider:

1. Have you conducted a risk-based security assessment? The assessment, among other things, should determine if you’ve already been hacked, test your perimeter and scan for internal and external vulnerabilities.

2. Have you established and implemented effective employee training and awareness policies and programs? Studies repeatedly show that employees are at the heart of most security incidents. Employees should be educated about the crucial role they play in securing enterprise data, and they should be trained to recognize and avoid security threats.

3. Have you assembled an incident response team? No entity should put itself in the position of wondering what to do and who to call when it suffers a cybersecurity incident. Entities should build their incident response team and practice their response to various security incident scenarios before an incident ever happens. Companies that do this are in a better position to respond when an event occurs, thereby minimizing the financial, legal and reputational fallout of a cybersecurity incident.

4. Have you purchased insurance to cover cyber incidents? Enterprises routinely purchase insurance to transfer the risk of potential liabilities they might encounter in the course of their business operations. Cyber liabilities should be treated the same way. Cyber insurance can provide much needed financial and tactical support in the event of a cyber incident.

Takeaway

Thoughtful focus on these four steps can help companies protect against and mitigate the effects of a cybersecurity incident. As recent events have demonstrated, the risks are real, and they show no signs of abating.

Stunning Patterns Found in the Dark Net

One of the most powerful technologies for spying on cyber criminals lurking in the Dark Net comes from a St. Louis-based startup, Norse Corp.

Founded in 2010 by its chief technology officer, Tommy Stiansen, Norse has assembled a global network, called IPViking, composed of sensors that appear on the Internet as vulnerable computing devices. These “honeypots” appear to be everything from routers and servers, to laptops and mobile devices, to Internet-connected web cams, office equipment and medical devices.

When an intruder tries to take control of a Norse honeypot, Norse grabs the attacker’s IP address and begins an intensive counterintelligence routine. The IP address is fed into web crawlers that scour Dark Net bulletin boards and chat rooms for snippets of discussions tied to that IP address.

Analysts correlate the findings, and then IPViking displays the results on a global map revealing the attacking organization’s name and Internet address, the target’s city and service being attacked and the most popular target countries and origin countries.

Stiansen grew up tinkering with computers on a Norwegian farm, which led him to a career designing air-traffic control and telecom-billing systems. After immigrating to the U.S. in 2004, Stiansen began thinking about a way to gain a real-time, bird’s-eye view of the inner recesses of the Dark Net. The result was IPViking, which now has millions of honeypots dispersed through 167 data centers in 47 countries.

Norse recently completed a major upgrade to IPViking, which has led to some stunning findings. Stiansen explains:

Tommy Stiansen - NorseCorp

3C: Can you tell us about your most recent milestone?

Stiansen: We have managed to do a tenfold (increase) to where we can now apply millions of rules in our appliance.

3C: So more rules allow you to do what?

Stiansen: It allows us to have a lot more threat data and apply a lot more intelligence to a customer’s traffic. We can start applying more dynamic data. Our end goal is to apply full counterintelligence onto traffic. Meaning when we see a traffic flow coming through our appliance we will be able to see the street address, the domain, the email address used to register this domain. We can see who a packet is going to, and the relationship between the sender and receiver, all kinds of counterintelligence behind actual traffic, not just for blocking but for visualization.

3C: That level of detail was not available earlier?

Stiansen: Nope. This is something we’ve pioneered. This is our platform that we built so we can enable this (detailed view) to actually happen.

3C: So what have you discovered?

Stiansen: We’re learning that traffic and attacks coming out of China isn’t really China. It’s actually other nations using China’s infrastructure to do the attacks. It’s not just one country, it’s the top 10 cyber countries out there using other countries’ infrastructure.

3C: So is China getting a bad rap?

Stiansen: Correct.

3C: Who’s responsible? Russia? The U.S.? North Korea?

Stiansen: Everyone.

3C: What else are you seeing?

Stiansen: We’re also seeing how hackers from certain communities are joining together more and more. The hacking world is becoming smaller and smaller. Iranian hackers are working with Turkish hackers. Pakistani and Indian hackers, they’re working together. Indonesia hackers and Iranian hackers are working together.

3C: Odd combinations.

Stiansen: It’s weird to see these mixes because there’s no affiliation, there’s no friendship between the countries on a state level. But the hacker groups are combining together. The borders between hackers have been lifted.

3C: What’s driving them to partner, is it money or ideology?

Stiansen: All of the above. That’s the thing, the people who have similar ideologies find each other on social media and start communicating with each other. And the people with the financial means and shared goals meet each other, that’s the evolution. And when they do that, they become really powerful.